diff options
| author | ivan <ivan> | 2008-09-06 20:54:25 +0000 |
|---|---|---|
| committer | ivan <ivan> | 2008-09-06 20:54:25 +0000 |
| commit | bcb0e7d62c3533db5889bcfb97e312e277eceb0f (patch) | |
| tree | 58bf1f3247bb5406540e23900cf667429761806a | |
| parent | b6b2171beea6ca0d2e20899bd8fe30439f82903b (diff) | |
don't link to customer service view unless the user has the ACL to view the resulting page
| -rw-r--r-- | FS/FS/UI/Web.pm | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/FS/FS/UI/Web.pm b/FS/FS/UI/Web.pm index e4a9ac1b8..bcb4b0a78 100644 --- a/FS/FS/UI/Web.pm +++ b/FS/FS/UI/Web.pm @@ -138,6 +138,10 @@ sub svc_label_link { sub svc_X_link { my ($x, $m, $part_svc, $cust_svc) = @_ or return ''; + + return $x + unless $FS::CurrentUser::CurrentUser->access_right('View customer services'); + my $ahref = svc_url( 'ahref' => 1, 'm' => $m, @@ -149,6 +153,7 @@ sub svc_X_link { "$ahref$x</A>"; } +#this probably needs an ACL too... sub svc_export_links { my ($m, $part_svc, $cust_svc) = @_ or return ''; |